| 摘要 |
Techniques and systems for managing failure recovery in redundant systems are described. A pair of redundant system units includes a first unit and a second unit, one of which operates as a primary unit and one of which operates as a backup unit. Upon initiation of operation of a system unit, that unit enters an initial status as the backup unit, so that simultaneous initiation of both units causes a status conflict. Recognition of a status conflict causes status negotiation, so that one unit is designated the primary unit and the other the backup unit. Upon failure of a unit, the other unit checks its status and continues operation if it is the primary unit or transitions to become the primary unit if it is the backup unit. Upon replacement, the failed unit is initialized, being designated as the backup unit. The operating unit continues operation as the primary unit.
|
